generating-experience-lwr-site
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes Salesforce CLI commands such as `sf community create`, `sf project deploy`, `sf project retrieve`, and `sf data query` to manage site metadata and interact with Salesforce environments. These operations are essential to the skill's stated purpose of site management.
- [COMMAND_EXECUTION]: Utilizes a Node.js utility (`node -e`) to generate UUID v4 strings for site content. This is a local utility function used to ensure unique identifiers for components and regions during the metadata creation process.
- [PROMPT_INJECTION]: Ingests and processes metadata retrieved from Salesforce organizations, which represents an indirect prompt injection surface.
  - Ingestion points: XML and JSON metadata files (e.g., `sharingRules`, `digitalExperiences`) retrieved via `sf project retrieve`.
  - Boundary markers: None; external metadata is treated as structured data within the project structure.
  - Capability inventory: Includes capabilities for deploying updated metadata and executing SOQL queries on the target organization.
  - Sanitization: Relies on the agent following strict metadata schemas and naming conventions as defined in the skill's documentation.
Audit Metadata